United States Patent and Trademark Ofhce 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark OtBce 

Address: COMMISSIONER FOR PATENTS 



APPLICATION NO. 



10/585,097 



FILING DATE 



06/30/2006 



FIRST NAMED INVENTOR 



1444 7590 12/21/2011 

Browdy and Neimark, PLLC 
1625 K Street, N.W. 
Suite 1100 

Washington, DC 20006 



ATTORNEY DOCKET NO. CONFIRMATION NO. 



AVERY, ffiREMIAH L 



PAPER NUMBER 



DELIVERY MODE 



Please find below and/or attached an Office communication concerning this application or proceeding. 

The time period for reply, if any, is set in the attached communication. 



PTOL-90A (Rev. 04/07) 



Office Action Summary 



Application No. 

10/585,097 
Examiner 
JEREMIAH AVERY 



Applicant(s) 
LEROY ET AL. 
Art Unit 
2431 



~ The MAILING DATE of this communication appears on the cover sheet with the correspondence address — 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under tine provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SiX (6) MONTHS from the mailing date of this communication. 

- if NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from tfie mailing date of this communication. 

- Failure to reply witfiin tfie set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )S Responsive to communication(s) filed on 15 July 2011 . 
2a)n This action is FINAL. 2b)^ This action is non-final. 

3) n An election was made by the applicant in response to a restriction requirement set forth during the interview on 

; the restriction requirement and election have been incorporated into this action. 

4) n Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

5) ^ Claim(s) 1-1 7 is/are pending in the application. 

5a) Of the above claim(s) is/are withdrawn from consideration. 

6) n Claim(s) is/are allowed. 

7) ^ Claim(s) iilZ is/are rejected. 

8) n Glaim(s) is/are objected to. 

9) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

10) 0 The specification is objected to by the Examiner. 

11) ^ The drawing(s) filed on (none were filed) is/are: a)n accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

12) 0 The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

13) KI Acl<nowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)|E|AII b)n Some *c)n None of: 

1 .|EI Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. . 

3. n Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1) ^ Notice of References Cited (PTO-892) 

2) n Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) □ Information Disclosure Statement(s) (PTO/SB/08) 

Paper No(s)/Mail Date . 

PTOL-326 (Rev. 03-1 1 ) OHIce . 



4) n Interview Summary (PTO-413) 

Paper No(s)/Mail Date. . 

5) n Notice of Informal Patent Application 

6) □ Other: . 



Summary Part of Paper No./Mail Date 201 11216 



Application/Control Number: 10/585,097 
Art Unit: 2431 



Page 2 



DETAILED ACTION 



I. 



Claims 1-17 have been examined. 



II. 



Responses to Applicant's remarks have been given. 



Continued Examination Under 37 CFR 1. 1 14 



1 . A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .1 7(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.1 14. Applicant's submission filed on 
07/1 5/1 1 has been entered. 



2. Applicant's arguments filed 07/1 5/1 1 have been fully considered but they are not 
persuasive. With respect to the Applicant's arguments pertaining to claim 1 , the 
Examiner upholds that Bischof teaches the Applicant's claimed invention, as cited 
below. 

3. With regards to the claim language of "having the system store an entire set of 
references which the program obtains means considered as licit, said licit reference 
being stored when introducing into the program said reference by a licit means and 
when this licit reference is not already stored", the Examiner upholds that within, column 
6, lines 13-24, Bischof discloses this via "The binder then includes the appropriate code, 
according to the symbolic references, and substitutes the symbolic references with an 
appropriate object reference. This object reference then points to the beginning of the 



Response to Arguments 



Application/Control Number: 10/585,097 Page 3 

Art Unit: 2431 

location where the method resides. The Java environment uses a lazy binding 
approach." Also, the "Java library" within column 9, lines 44-62 provides sufficient 
support: "provides protection of system classes that reside in the Java library. An object 
reference received from the name resolution process is a pointer to the corresponding 
piece of code, which actually points to the beginning of a method description." 

Claim Rejections - 35 USC §102 

(b) the invention was patented or described in a printed publication in this or a foreign country or in 
public use or on sale in this country, more than one year prior to the date of application for patent in 
the United States. 

Claims 1-4, 9-14 and 17 are rejected under 35 U.S.C. 102(b) as being 
anticipated by United States Patent No. 6,658,573 to Bischof et al., hereinafter Bischof. 

4. On page 4 of the Applicant's Specification, with regards to the terms "licit" and 
"illicit", it is stated that "the actual definition of what is a licit or illicit reference depends 
on the system, on the programming language and possibly on the context". Thus the 
claim language is open to a broad interpretation and is disclosed via the citations of the 
prior art below. 

5. Regarding claim 1 , Bischof teaches a method for controlling access to data 
handled by references in a system for executing programs, said programs including 
processes and tasks, wherein upon executing a program, the method comprises the 
following steps: 

having the system store an entire set of references which the program obtains means 
considered as licit, said licit reference being stored when introducing into the program 
said reference bv a licit means and when this licit reference is not alreadv stored 
(column 6, lines 13-24 and 44-62, column 9, lines 39-54, "Java library", column 12, lines 
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52-63, "both segments are mapped into different areas of the address space" and 
column 13, lines 41-54). 

before any operation intended to be forbidden in case said operation deals with values 
which are not licit references, having the system check that said values are among the 
licit references which have been stored for this program, and accepting the operation, 
responsive to said step of checking, when said checking determines said values are 
among the licit references, and rejecting the operation responsive to said step of 
checking, when said checking determines said values are not among the licit references 
(column 7, lines 36-67, "reject the invocation", "assign and/or check rights to the caller 
entity"). 

6. Regarding claim 2, Bischof teaches wherein the references are pointers (column 
1 3, lines 6-25 and 41 -54 and column 1 4, lines 46-59). 

7. Regarding claim 3, Bischof teaches wherein the licit means for a program in 
order to obtain reference values comprise at least one of the following operations: 
reading a variable or a datum belonging to the system or to another program, writing 
into a variable or datum of said program by the system or by another program, receiving 
arguments upon calling a routine of said program by the system or by another program, 
utilization of the return value from the call by said program of a routine belonging to the 
system or to another program, having said program catch up a raised exception during 
execution of a routine belonging to the system or to another program, receiving by said 
program an interruption or a valuated signal (column 5, lines 61-67, column 6, lines 1-3 
and 25-31 and column 7, lines 3-15). 
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8. Regarding claim 4, Bischof teaches wherein the system comprises a mechanism 
which determines whether a given value is a valid reference (column 7, lines 30-57, "If 
the guard object indicates no error, execution continues as usual"). 

9. Regarding claim 9, Bischof teaches wherein the whole of the licit stored 
references is represented by a table (column 13, lines 6-25). 

1 0. Regarding claim 1 0, Bischof teaches wherein the set of the licit stored references 
is emptied, by means of a conservative garbage collector, of references which have 
become inactive (column 15, lines 4-11 and column 16, lines 1-9, "the garbage 
collection is responsible for removing obsolete objects and freeing up the memory"). 

1 1 . Regarding claim 1 1 , Bischof teaches wherein: the references are represented in 
the system by handles and tables of pointers, the sets of licit stored references are 
represented by vectors of bits associated with some of the tables of pointers, where a 
bit has a given index which represents the presence or the absence of the 
corresponding reference in said sets, said vectors of bits are represented by means of a 
sequence of indexes or lengths corresponding to the extents of bits positioned in the 
same way (column 13, lines 6-25 and 41-54 and column 14, lines 46-59). 

1 2. Regarding claim 1 2, Bischof teaches wherein the references are handles 
(column 14, lines 38-59, "a pointer to the appropriate guard dispatch table is assigned to 
the executing thread"). 

[According to page 3 of the Applicant's Specification, "A handle is an index 
in a table of pointers (and more generally in a table of references). The 
values of pointers and handles also sometimes include specific bits which 
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give information on tine datum (for example on the referenced memory 
area or on the information therein) or, in the case of handles, on the 
associated table." Thus, the claimed "handles" are interpreted by the 
Examiner to pertain to Bischof s disclosure of a "guard dispatch table" and 
the associations related therein.] 

1 3. Regarding claim 1 3, Bischof teaches wherein the stored licit references are 
limited to the sole references on data considered as sensitive for the system (column 6, 
lines 13-24 and 44-62, column 9, lines 55-67). 

1 4. Regarding claim 1 4, Bischof teaches wherein said checks check that the values 
are among the sensitive licit references which were stored for this program or else 
which are references determined as valid and dealing with data which are not sensitive 
(column 7, lines 36-67, "reject the invocation", "assign and/or check rights to the caller 
entity" and "perform a notification and/or auditing service"). 

1 5. Regarding claim 1 7, Bischof teaches wherein some of said tables are reserved 
for licit references (column 14, lines 46-59). 
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Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1 , 148 

USPQ 459 (1966), that are applied for establishing a background for determining 

obviousness under 35 U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the phor art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating 
obviousness or nonobviousness. 

1 6. Claims 5 and 6 are rejected under 35 U.S.C. 1 03(a) as being unpatentable over 
Bischof and further in view of United States Patent No. 7,127,605 to Montgomery et al., 
hereinafter Montgomery. 

1 7. Bischof teaches the claimed invention, as cited within independent claim 1 . 
However, Bischof does not teach the claim features of dependent claims 5 and 6 
pertaining to the functionality of the firewall. Montgomery teaches said features, as 
cited below. 

1 8. Regarding claim 5, Montgomery teaches wherein the system comprises a firewall 
which forbids certain operations by certain programs on certain referenced data, data 
considered as being sensitive for the system being those for which the operations are 
not forbidden by the firewall (column 3, lines 43-62, "the 810 206 still cannot access 216 
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methods in the client applet 1 00; such access is still prevented by the firewall 106" and 
column 4, lines 21-66, "server applet 102 is still prohibited from accessing 310 the client 
applet 100 due to firewall 106"). 

1 9. Regarding claim 6, Montgomery teaches wherein the firewall forbids certain 
operations by a program on data belonging to other programs, except on those declared 
as shareable (column 3, lines 43-62, "the SIO 206 still cannot access 216 methods in 
the client applet 100; such access is still prevented by the firewall 106" and column 4, 
lines 21-66, "server applet 102 is still prohibited from accessing 310 the client applet 
100 due to firewall 106"). 

20. The motivation to combine would be to have "the applications being able to share 
methods in a secure manner using delegates to enforce the security policy that each 
application wishes to impose with regard to each method shared" {Montgomery - 

column 2, lines 47-54). 

21 . Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to incorporate the teachings of Montgomery with the 
teachings of Bischof so that "the client applet 100 and the server applet 102 may freely 
communicate with the JCRE 1 08, but the client applet 1 00 is prevented from referencing 
1 10 the server applet 102 by the firewall 106 to ensure security" {Montgomery- column 
3, lines 38-42). 

22. Claims 7, 8 and 15 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Bischof and Montgomery, and further in view of United States Patent No. 
7,140,549 to de Jong, hereinafter de Jong. 
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23. Though Bischof teaches the claimed invention as cited within independent claim 
1 , it does not teach the claimed features within claims 7 and 8 pertaining to 
"Javacard.framework.Shareable". Montgomery and de Jong teach said features, as 
cited below. 

24. Regarding claim 7, Montgomery teaches wherein the system is based on a Java 
Card virtual machine and wherein: 

the data declared as shareable and therefore sensitive, are objects which are instances 
of classes which implement the "Javacard.framework.Shareable" interface (Figures 1- 
2d, 3a and 3b, column 3, lines 31-60 and column 6, lines 32-62, 
"JCSystem.getAppletSharablelnterfaceObject"). 

25. Further, for claim 7, Montgomery teaches some of the claimed features, as cited 
above but does not teach the features pertaining to "a program consists of the whole of 
the code which is found in a 'Java Card package'; the firewall is that of the Java Card 
Runtime Environment (JCRE)". Thus, de Jong is cited to teach these claimed features. 

26. Regarding claim 7, de Jong teaches a program consists of the whole of the code 
which is found in a "Java Card package"; the firewall is that of the Java Card Runtime 
Environment (JCRE) (Figure 3 and column 8, lines 21-31 and 38-49). 

27. The motivation to combine would be " for having two or more applets within a 
single firewall is where one applet manages the code and classes of the other 
applications(s) that are within the same firewall" {de Jong - column 8, lines 26-29). 

28. Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to incorporate the teachings of de Jong with the teachings 
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of Montgomery and Bischof due to "it is clearly Important to determine tlie correct 
firewall for the applet, so that the applet Is Installed Into the proper location" {de Jong - 
column 8, lines 46-49). 

29. Regarding claim 8, Montgomery teaches wherein the system stores In sets of 
sensitive licit references associated with a package all the references which appear in 
the following cases: receiving arguments of "Javacard.framework.Shareable" type when 
a method of said package Is called by another package or by the system, 
"Javacard.framework.Shareable" type return value when said package calls a method 
from another package or from the system (Including the a 
"getAppletSharreablelnterfaceObject" method of "Javacard.framework.JCSystem 
package"), reading a public static field of "Javacard.framework.Shareable" type In 
another package or In the system, catching up an Instance object of a class from 
(inheriting from) "java.lang.Throwable" and implementing 

"Javacard.framework.Shareable" (Figures 1-2d, 3a and 3b, column 3, lines 31-60 and 
column 6, lines 32-62, "JCSystem.getAppletSharablelnterfaceObject"). 

30. The motivation to combine would be to have a repository containing the means 
for accessing the desired software application/program. 

31 . Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to Incorporate the teachings of Montgomery with Bischof 
so that "Instead of granting a client application access to an Interface of the server 
application, the client Is given access to a delegate object. The delegate object controls 
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access to the shared methods of the server application by enforcing a security policy, 
using security mechanisms" {Montgomery- column 4, lines 7-11). 

32. Bischof teaches the claimed invention, as cited within independent claim 1 but 
does not teach the claimed features within dependent claim 15 pertaining to the types of 
objects within the system. Montgomery teaches said features, as cited below. 

33. Regarding claim 1 5, Montgomery teaches wherein the data declared as 
shareable and therefore sensitive, are objects with public use of the system: global 
arrays and Entry Point Objects of JCRE (column 3, lines 43-60, "the server applet 102 
responds by returning 208 to the JCRE 108 a reference to a shareable interface object 
(SIO) 206 if access Is granted to the client, or null if access is not granted"). 

34. The motivation to combine would be to have "the applications being able to share 
methods in a secure manner using delegates to enforce the security policy that each 
application wishes to impose with regard to each method shared" {Montgomery - 
column 2, lines 47-54). 

35. Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to incorporate the teachings of Montgomery with the 
teachings of Bischof so that "the client applet 100 and the server applet 102 may freely 
communicate with the JCRE 108, but the client applet 100 is prevented from referencing 
1 10 the server applet 102 by the firewall 106 to ensure security" {Montgomery- column 
3, lines 38-42). 
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36. Claim 16 is rejected under 35 U.S.C. 103(a) as being unpatentable over Bischof 
as applied to claim 1 1 above, and further in view of United States Patent No. 7,140,549 
to de Jong, hereinafter de Jong. 

37. With regards to claim 1 6, though Bischof teaches the claimed invention, as cited 
above, Bischof does not teach the claim language found within claim 16 pertaining to 
"said vectors of bits are hollow", de Jong teaches said claim language, as cited below. 

38. Regarding claim 1 6, de Jong teaches wherein said vectors of bits are hollow 
(column 17, lines 26-34, "the appropriate number of null bytes"). 

39. The motivation to combine would be that in the event that "most of the bytes in 
the AID parameter passed from the terminal to the card are zero, they can be truncated 
to fit the parameter into the AID byte array" {de Jong - column 17, lines 40-43). 

40. Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to incorporate the teachings of de Jong with the teachings 
of Bischof in order that objects "are only instantiated if particularly required, thereby 
saving storage on the card" (de Jongf- column 1 1 , lines 26-29). 

Conclusion 

41 . The prior art made of record and not relied upon is considered pertinent to 

applicant's disclosure. 

42. The following United States Patents and Patent Application Publications are 
further cited to show the state of the art with respect to data access, such as: 
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United States Patent Application Publication No. US 2003/0120593 to Bansal et 
al., which is cited to show a method and system for delivering multiple services 
electronically to customers via a centralized portal. 

United States Patent Application Publication No. US 2005/0044197 to Lai, which 
is cited to show a structured methodology and design patterns for web services. 
United States Patent No. 6,633,984 to Susser et al., which is cited to show 
techniques for permitting access across a context barrier on a small footprint 
device using an entry point object. 

United States Patent No. 6,151 ,688 to Wipfel et al., which is cited to show 
resource management in a clustered computer system. 

United States Patent No. 7,1 17,284 to Watt et al., which is cited to show vectored 
interrupt control within a system having a secure domain and a non-secure 

domain. 

United States Patent No. 7,149,862 to Tune et al., which is cited to show access 
control in a data processing apparatus. 

United States Patent No. 7,171 ,539 to Mansell et al., which is cited to show an 
apparatus and method for controlling access to a memory. 
United States Patent No. 7,305,534 to Watt et al., which is cited to show control 
of access to a memory by a device. 

United States Patent No. 6,807,636 to Hartman et al., which is cited to show 
methods and apparatus for facilitating security in a network. 
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United States Patent No. 6,560,774 to Gordon et al., which is cited to show a 
verifier to check intermediate language. 

43. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to JEREMIAH AVERY whose telephone number is 

(571 )272-8627. The examiner can normally be reached on Monday thru Friday 8:30am- 
5pm. 

44. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nathan Flynn can be reached on (571) 272-1915. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

45. Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Jeremiah Avery/ 
Examiner, Art Unit 2431 
/NATHAN FLYNN/ 

Supervisory Patent Examiner, Art Unit 2431 



